Automatic merge from submit-queue (batch tested with PRs 61195, 61479). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Use RaceFreeFakeWatcher in ObjectTracker to fix racy watch panics
**What this PR does / why we need it**:
The `FakeWatcher` added to `ObjectTracker` in #57504 allows sends on the result channel after it's closed; for example calling `Stop()` then `Add(obj)` will cause a panic. In my experience this has led to flaky tests when informers and controllers are running.
Replacing `FakeWatcher` with `RaceFreeFakeWatcher` fixes the problem, since `RaceFreeFakeWatcher` ignores additional events that occur after the watcher is stopped. It also panics instead of blocking when the result channel is full, which seems like a more useful behavior in tests than blocking.
I removed the `FakeWatchBufferSize` constant since `RaceFreeFakeWatcher` doesn't take a buffer size argument anymore. This seems fine since the `DefaultChanSize` constant is close to the `FakeWatchBufferSize` value (100 vs 128).
**Special notes for your reviewer**:
I can provide a minimal repro of a flaky test caused by the earlier behavior if necessary.
**Release note**:
```release-note
Fix racy panics when using fake watches with ObjectTracker
```
Kubernetes-commit: f8981147e2fe01c3af6bbefa12be4e4c8d63acbc
Automatic merge from submit-queue (batch tested with PRs 61644, 61624, 61743, 61019, 61287). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
provide easy methods for direct kubeconfig loading from bytes
Adds a `RESTConfigFromKubeConfig([]byte)` method for taking a kubeconfig and getting back the rest.Config. There are ways to do this now, but it takes a fair amount of wiring that is a pain.
As kube starts dropping `--master` flags from its commands, it will be able to use this. For current consumers, this will be a big simplification.
```release-note
NONE
```
Kubernetes-commit: 90c09c75d67831ad46cc0c9abb954b6936ca86b3
Automatic merge from submit-queue (batch tested with PRs 60455, 61365, 61375, 61597, 61491). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
removes custom scalers from kubectl
**What this PR does / why we need it**: this PR removes custom scalers from kubectl and uses the genericScaler instead.
**Release note**:
```
NONE
```
Kubernetes-commit: eda9fab0032b9cfbd8b55ab07a16fe35e921f775
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Replace package "golang.org/x/net/context" with "context"
**What this PR does / why we need it**:
Replace package "golang.org/x/net/context" with "context"
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#60560
**Special notes for your reviewer**:
As of Go 1.7 this package(golang.org/x/net/context) is available in the standard library under the name context. see (https://godoc.org/golang.org/x/net/context)
It is almost machinery replace.
**Release note**:
```release-note
NONE
```
Kubernetes-commit: 915798d229b7be076d8e53d6aa1573adabd470d2
Automatic merge from submit-queue (batch tested with PRs 60373, 61098, 61352, 61359, 61362). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Bump cfssl to be compatible with Go 1.10
Kubernetes-commit: ef3539e69e4c897f48ecd6b2dd73417ce0416b08
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Remove YEAR field of all generated files and fix kubernetes boilerplate checker
**What this PR does / why we need it**:
Remove YEAR field of all generated files and fix kubernetes boilerplate checker
xref: [remove YEAR fileds in gengo #91](https://github.com/kubernetes/gengo/pull/91)
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes [#gengo/issues/24](https://github.com/kubernetes/gengo/issues/24)
**Special notes for your reviewer**:
/cc @thockin @lavalamp @sttts
**Release note**:
```release-note
NONE
```
Kubernetes-commit: e40ffd71972b820aeed283946e880aa2479f8524
Automatic merge from submit-queue (batch tested with PRs 60696, 60876, 60901, 60925, 60428). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Improve debug curl command
When logging debug curl command, add single quotes around URL and headers. This prevents quietly removing any parameters after '&' when running resulting command and improves formatting.
```release-note
NONE
```
Kubernetes-commit: de1a0e3249b67cd72c1a412a2688f693a0201b70
Automatic merge from submit-queue (batch tested with PRs 60696, 60876, 60901, 60925, 60428). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
client-go/util/cert go_library shouldn't depend on testdata
**What this PR does / why we need it**: 981dd8dc66 (diff-eb996d3ca3a215d7d93faaaffb77dbd7) accidentally added a testdata dependency on the go_library rule, rather than the go_test. This breaks vendoring of this rule into other bazel projects that prune out tests and testdata.
Only the unit test depends on testdata, so the BUILD file should reflect that, too.
x-ref https://github.com/kubernetes/test-infra/pull/6835#discussion_r173010769
**Release note**:
```release-note
NONE
```
cc @BenTheElder @krzyzacy
Kubernetes-commit: 7543ddde4c06af80a992c4d64dd3fcef633e5be7
Automatic merge from submit-queue (batch tested with PRs 60710, 60855, 60873, 60895, 60862). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fix local cluster leaking memory.
**What this PR does / why we need it**:
Local cluster is leaking memory due to mutation detector being enabled.
In addition there is no warning in the logs that this could be the
issue.
Added a log warning when this feature is enabled to make debugging this
issue easier for other cases of this.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#60854
**Special notes for your reviewer**:
**Release note**:
```release-note
None
```
Kubernetes-commit: e6ba628b072f37cbc0e35c70c2063dbc24cbb1a7
Automatic merge from submit-queue (batch tested with PRs 51423, 53880). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
prevent the same path load multiple times
**What this PR does / why we need it**:
prevent the same path load multiple times,if there are several same path, we only load one time
**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes#53723
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Kubernetes-commit: eefd72557ef7ce008e2138ca7d91f6a8d8634f73
The FakeWatcher allows sends on the result channel after it's closed,
for example calling Stop() then Add() will panic. RaceFreeFakeWatcher
checks whether the watcher is stopped before attempting to send. It also
panics instead of blocking when the result channel is full.
Kubernetes-commit: b84ad8828b6ffe0dd289f69e395968eabb9fbeaa
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
oidc: add rithujohn191 as a reviewer
cc @rithujohn191
/sig auth
/kind documentation
```release-note
NONE
```
Kubernetes-commit: f196b7c7523dbf0d6ed703a93af73f54e9d2e42c
Local cluster is leaking memory due to mutation detector being enabled.
In addition there is no warning in the logs that this could be the
issue.
Added a log warning when this feature is enabled to make debugging this
issue easier for other cases of this.
Fixed import ordering as per @liggitt
Kubernetes-commit: 07ba609b50d6f00c52acbfd6eaa43e6b527c5c2d
Automatic merge from submit-queue (batch tested with PRs 60376, 55584, 60358, 54631, 60291). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
cloud-controller-manager get /healthz to wait for apiserver to be healthy
**What this PR does / why we need it**:
currently cloud-controller-manager use `restclient.ServerAPIVersions()` to wait for apiserver to be healthy.
Remove ServerAPIVersions and make use of /healthz as all other components do.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes#60288
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Kubernetes-commit: b8c5bcf48a8852ba7f859a06ce35eac3d8fffafa
Automatic merge from submit-queue (batch tested with PRs 59365, 60446, 60448, 55019, 60431). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Remove dep-reviewers
**What this PR does / why we need it**:
The dep-reviewers group seems to get assigned PRs early the the review process. However, most code changes should be reviewed in the importing part of the code base first, and then assigned to an approver after.
By removing the reviewers group, the approvers plugin will still suggest assigning to an approver, but won't assign for review when the PR is initially opened.
**Release note**:
```release-note
NONE
```
Kubernetes-commit: 724a2f968c6981efc9f5a85e4ad60f56e1c0902f
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
code-gen: output golint compliant 'Generated by' comment
New PR instead of reopening #58115 because /reopen did not work.
This won't be ready to merge until the upstream https://github.com/kubernetes/gengo/pull/94 merges. Once that merges, the second commit will be changed to godep-save.sh and update-staging-godeps.sh, and the last commit will be changed to update-all.sh
The failing test is due to the upstream changes not being merged yet
```devel-release-note
Go code generated by the code generators will now have a comment which allows them to be easily identified by golint
```
Fixes#56489
Kubernetes-commit: 1eb1c00c44f8f597b9b23a05cd0a8da205c87f8a
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
fix some syntax related errors
**What this PR does / why we need it**:
fix some syntax related errors
**Special notes for your reviewer**:
None
```release-note
NONE
```
Kubernetes-commit: effa021db773fb95c9e8fbe5646d01784bb2f7f6
Automatic merge from submit-queue (batch tested with PRs 60011, 59256, 59293, 60328, 60367). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Serve OpenAPI spec with single /openapi/v2 endpoint
**What this PR does / why we need it**:
We are deprecating format-separated endpoints (`/swagger.json`, `/swagger-2.0.0.json`, `/swagger-2.0.0.pb-v1`, `/swagger-2.0.0.pb-v1.gz`) for OpenAPI spec, and switching to a single `/openapi/v2` endpoint in Kubernetes 1.10. The design doc and deprecation process are tracked at: https://docs.google.com/document/d/19lEqE9lc4yHJ3WJAJxS_G7TcORIJXGHyq3wpwcH28nU
Requested format is specified by setting HTTP headers
header | possible values
-- | --
Accept | `application/json`, `application/com.github.proto-openapi.spec.v2@v1.0+protobuf`
Accept-Encoding | `gzip`
This PR changes dynamic_client (and kubectl as a result) to use the new endpoint. The old endpoints will remain in 1.10 and 1.11, and get removed in 1.12.
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
action required: Deprecate format-separated endpoints for OpenAPI spec. Please use single `/openapi/v2` endpoint instead.
```
/sig api-machinery
Kubernetes-commit: d6153194d929ad6c036d5bbbf67a6f892e75feb5
Automatic merge from submit-queue (batch tested with PRs 50724, 59025, 59710, 59404, 59958). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Require boilerplate on Bazel Skylark source files
**What this PR does / why we need it**: `.bzl` files are also source code, so they should probably have the boilerplate text too.
**Release note**:
```release-note
NONE
```
Kubernetes-commit: 5e10b13f7e745f767a1e2f4b261d84a67e318048
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add comments about potential race in delta fifo
**What this PR does / why we need it**:
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
/sig api-machinery
Kubernetes-commit: 0394ffba6de860ece173a9a485d3518d3a8d37f2
Automatic merge from submit-queue (batch tested with PRs 59463, 59719, 60181, 58283, 59966). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Split self-signed cert and CA
The key usage limitation of TLS Server Auth makes the cert invalid as a CA.
This switches to generate a single-use CA, uses it to sign the serving cert, then appends the CA to the cert bytes.
* allows a client to continue to reference the cert file as a trust bundle, which now contains a valid CA cert
* continues to keep the generated certificate valid only for serving purposes
Fixes https://github.com/kubernetes/client-go/issues/311
```release-note
NONE
```
Kubernetes-commit: 5d144152e4d07f3752c05ec24e31d840adcd90a2
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
apiextensions: add subresources for custom resources
Fixes#38113Fixes#58778
**Related**:
- Proposal: https://github.com/kubernetes/community/pull/913
- For custom resources to work with `kubectl scale`: https://github.com/kubernetes/kubernetes/pull/58283
**Add types**:
- Add `CustomResourceSubResources` type to CRD.
- Fix proto generation for `CustomResourceSubResourceStatus`: https://github.com/kubernetes/kubernetes/pull/55970.
- Add feature gate for `CustomResourceSubResources`.
- Update CRD strategy: if feature gate is disabled, this feature is dropped (i.e. set to `nil`).
- Add validation for `CustomResourceSubResources`:
- `SpecReplicasPath` should not be empty and should be a valid json path under `.spec`. If there is no value under the given path in the CustomResource, the `/scale` subresource will return an error on GET.
- `StatusReplicasPath` should not be empty and should be a valid json path under `.status`. If there is no value under the given path in the CustomResource, the status replica value in the /scale subresource will default to 0.
- If present, `LabelSelectorPath` should be a valid json path. If there is no value under `LabelSelectorPath` in the CustomResource, the status label selector value in the `/scale` subresource will default to the empty string.
- `ScaleGroupVersion` should be `autoscaling/v1`.
- If `CustomResourceSubResources` is enabled, only `properties` is allowed under the root schema for CRD validation.
**Add status and scale subresources**:
- Use helper functions from `apimachinery/pkg/apis/meta/v1/unstructured/helpers.go`.
- Improve error handling: https://github.com/kubernetes/kubernetes/pull/56563, https://github.com/kubernetes/kubernetes/pull/58215.
- Introduce Registry interface for storage.
- Update storage:
- Introduce `CustomResourceStorage` which acts as storage for the custom resource and its status and scale subresources. Note: storage for status and scale is only enabled when the feature gate is enabled _and_ the respective fields are enabled in the CRD.
- Introduce `StatusREST` and its `New()`, `Get()` and `Update()` methods.
- Introduce `ScaleREST` and its `New()`, `Get()` and `Update()` methods.
- Get and Update use the json paths from the CRD and use it to return an `autoscaling/v1.Scale` object.
- Update strategy:
- In `PrepareForCreate`,
- Clear `.status`.
- Set `.metadata.generation` = 1
- In `PrepareForUpdate`,
- Do not update `.status`.
- If both the old and new objects have `.status` and it is changed, set it back to its old value.
- If the old object has a `.status` but the new object doesn't, set it to the old value.
- If old object did not have a `.status` but the new object does, delete it.
- Increment generation if spec changes i.e. in the following cases:
- If both the old and new objects had `.spec` and it changed.
- If the old object did not have `.spec` but the new object does.
- If the old object had a `.spec` but the new object doesn't.
- In `Validate` and `ValidateUpdate`,
- ensure that values at `specReplicasPath` and `statusReplicasPath` are >=0 and < maxInt32.
- make sure there are no errors in getting the value at all the paths.
- Introduce `statusStrategy` with its methods.
- In `PrepareForUpdate`:
- Do not update `.spec`.
- If both the old and new objects have `.spec` and it is changed, set it back to its old value.
- If the old object has a `.spec` but the new object doesn't, set it to the old value.
- If old object did not have a `.spec` but the new object does, delete it.
- Do not update `.metadata`.
- In `ValidateStatusUpdate`:
- For CRD validation, validate only under `.status`.
- Validate value at `statusReplicasPath` as above. If `labelSelectorPath` is a path under `.status`, then validate it as well.
- Plug into the custom resource handler:
- Store all three storage - customResource, status and scale in `crdInfo`.
- Use the storage as per the subresource in the request.
- Use the validator as per the subresource (for status, only use the schema for `status`, if present).
- Serve the endpoint as per the subresource - see `serveResource`, `serveStatus` and `serveScale`.
- Update discovery by adding the `/status` and `/scale` resources, if enabled.
**Add tests**:
- Add unit tests in `etcd_test.go`.
- Add integration tests.
- In `subresources_test.go`, use the [polymporphic scale client](https://github.com/kubernetes/kubernetes/tree/master/staging/src/k8s.io/client-go/scale) to get and update `Scale`.
- Add a test to check everything works fine with yaml in `yaml_test.go`.
**Release note**:
```release-note
`/status` and `/scale` subresources are added for custom resources.
```
Kubernetes-commit: 6e856480c05424b5cd2cfcbec692a801b856ccb2
Automatic merge from submit-queue (batch tested with PRs 60158, 60156, 58111, 57583, 60055). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fix typos in configmaplock
**What this PR does / why we need it**:
Fixes some typos in `configmaplock.go`. Seems to be a combination of copy/paste errors from `endpointslock.go` and find/replace gone wrong.
**Release note**:
```release-note
NONE
```
Kubernetes-commit: 6be660a81eaa98ccae39ca4c968ea616b2adbecd
Automatic merge from submit-queue (batch tested with PRs 60158, 60156, 58111, 57583, 60055). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
add support for /token subresource in serviceaccount registry
I'm planning on implementing the registry bits (this) in one PR and followup with an authenticator that supports new id tokens.
https://github.com/kubernetes/kubernetes/issues/58790
@kubernetes/sig-auth-pr-reviews
```release-note
NONE
```
Kubernetes-commit: 8b94ae8ca8d06bfc3c9b2f73daaca69840f86d2f
Automatic merge from submit-queue (batch tested with PRs 58716, 59977, 59316, 59884, 60117). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Cap how long the kubelet waits when it has no client cert
If we go a certain amount of time without being able to create a client
cert and we have no current client cert from the store, exit. This
prevents a corrupted local copy of the cert from leaving the Kubelet in a
zombie state forever. Exiting allows a config loop outside the Kubelet
to clean up the file or the bootstrap client cert to get another client
cert.
Five minutes is a totally arbitary timeout, judged to give enough time for really slow static pods to boot.
@mikedanese
```release-note
Set an upper bound (5 minutes) on how long the Kubelet will wait before exiting when the client cert from disk is missing or invalid. This prevents the Kubelet from waiting forever without attempting to bootstrap a new client credentials.
```
Kubernetes-commit: 2bbaf430d8a22287ae6a85c6c0b5736a80269e81
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
oidc authentication: switch to v2 of coreos/go-oidc
Switch to v2 of [coreos/go-oidc](https://github.com/coreos/go-oidc), which uses square/go-jose to verify tokens and supports more signing algorithms.
Most of this PR removes dependencies used by the older version of github.com/coreos/go-oidc, and updates vendor files.
This PR has been tested against tokens issued by Okta, Google, and CoreOS's dex.
Closes https://github.com/kubernetes/kubernetes/issues/57806
```release-note
kube-apiserver: the OpenID Connect authenticator can now verify ID Tokens signed with JOSE algorithms other than RS256 through the --oidc-signing-algs flag.
kube-apiserver: the OpenID Connect authenticator no longer accepts tokens from the Google v3 token APIs, users must switch to the "https://www.googleapis.com/oauth2/v4/token" endpoint.
```
cc @rithujohn191 @liggitt
cc @kubernetes/sig-auth-pr-reviews
Kubernetes-commit: cdbc4fbe20c94694bc25910d54a7de52a98b6650
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Introduce PodSecurityPolicy in the policy/v1beta1 API group
Types/constants are completely the same as in `extensions/v1beta1` except that they are located outside of the `extensions` API group.
**What this PR does / why we need it**:
This is the first step for migrating PSP-related stuff away of `extensions` group. See #43214 for more information.
Also it related to https://github.com/kubernetes/features/issues/5
**Example**:
```console
$ cat restricted2.yaml
apiVersion: policy/v1beta1
kind: PodSecurityPolicy
metadata:
name: restricted2
...
$ kubectl create -f restricted.yaml
podsecuritypolicy "restricted2" created
$ kubectl get psp restricted2 -o yaml
apiVersion: extensions/v1beta1
kind: PodSecurityPolicy
...
```
**Release note**:
```release-note
The `PodSecurityPolicy` API has been moved to the `policy/v1beta1` API group. The `PodSecurityPolicy` API in the `extensions/v1beta1` API group is deprecated and will be removed in a future release.
```
Kubernetes-commit: f8298702ffe644a4f021e23a616ad6a8790a5537
Automatic merge from submit-queue (batch tested with PRs 59634, 59821, 57850, 59916, 60032). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Update to latest gophercloud/gophercloud for 1.10
**What this PR does / why we need it**:
Looks like we end up with just the following change:
https://github.com/gophercloud/gophercloud/pull/730
(Prevent Recursive BuildRequestBody)
The full set of changes between the old and new SHA are here:
8e59687aa4...6da026c32e
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
**Release note**:
```release-note
NONE
```
Kubernetes-commit: 77254255223774543cdf9941cd7c32f99da11261
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add cblecker to vendor OWNERS
**What this PR does / why we need it**:
Adds myself to vendor OWNERS. I can help approve dep bumps of existing deps, and refer to Tim and new deps for license review.
**Release note**:
```release-note
NONE
```
/assign thockin
Kubernetes-commit: 852e7f7bfa43d1427706c59453e39f2de12a4f32
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Update bazelbuild/rules_go, kubernetes/repo-infra, and gazelle dependencies
**What this PR does / why we need it**: updates our bazelbuild/rules_go dependency in order to bump everything to go1.9.4. I'm separating this effort into two separate PRs, since updating rules_go requires a large cleanup, removing an attribute from most build rules.
**Release note**:
```release-note
NONE
```
Kubernetes-commit: 96ec3187180b9c1d722756b3ea0984ebe65424dc
